From d80573c61254a2f8f371746bc678bd3b60f8a6a4 Mon Sep 17 00:00:00 2001
From: Mitya_Eremeev <mitossvyaz@mail.ru>
Date: Mon, 6 Jun 2022 13:17:51 +0300
Subject: Fix deprecated rule logic if the rule was deleted in policy
 directory.

The bug scenario:
- define deprecated rule in policy folder
- start a service
- enforce policies
- remove the rule in policy folder
- enforce policies

New default is applied to the rule,
but new and old defaults should be applied
(OR logic)
The patch fixes it.

Closes-Bug: 1977549
Change-Id: If11fe2da1163d6d3f16d133aeb207a055cf30de4
---
 oslo_policy/policy.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/oslo_policy/policy.py b/oslo_policy/policy.py
index 445b1df..ea2ab53 100644
--- a/oslo_policy/policy.py
+++ b/oslo_policy/policy.py
@@ -664,6 +664,7 @@ class Enforcer(object):
                                                )
                 elif self.overwrite:
                     self.rules = Rules(default_rule=self.default_rule)
+                    self.file_rules = {}
                 for path in existing_policy_dirs:
                     self._walk_through_policy_directory(
                         path, self._load_policy_file, True, False)
-- 
cgit v1.2.1